<?php
// This is the page that the ES script calls to ban
require_once(ROOTDIR."/include/database/class.BanQueries.php");
require_once(ROOTDIR."/include/database/class.UserQueries.php");
require_once(ROOTDIR."/include/database/class.LengthQueries.php");

// For getting from URL which is used by ES
$hash = $_GET['hash']; // User is passed if given from ES (admin's Steam ID)
$steamId = $_GET['steamId']; // One being banned
$lengthId = $_GET['length']; // The ID of the ban length
$reason = $_GET['reason']; // Reason of ban
$banner = $_GET['banner']; // Steam ID of banner
$serverId = $_GET['serverId'];
$nameOfBanned = $_GET['name']; // Name of banned user
$ipOfBanned = $_GET['ip']; // IP address of banned user
$bannerName = $_GET['bannerName']; // The name of the banner

// Make sure the process in ES is calling it
// otherwise it is a hack attempt from the outside

if($hash == $config->matchHash) {

  // Make sure special chars for MySQL are escaped
  $nameOfBanned = addslashes($nameOfBanned);
  $bannerName = addslashes($bannerName);

  // Trim IP of banned
  $ipOfBanned = explode(":", $ipOfBanned);
  $ipOfBanned = $ipOfBanned[0];
  
  $banQueries = new BanQueries();
  $userQueries = new UserQueries();
  $lengthQueries = new LengthQueries();

  $user = $userQueries->getUserInfoBySteamId($banner);
  $length = $lengthQueries->getBanLength($lengthId);
  
  $isUserMember = false;
  // If we are not allowing admin bans, then make sure the one being banned is not an admin
  if(!$config->allowAdminBans) {
    $isUserMember = $userQueries->isMember($steamId);
  }
  
  $username = trim($user->getName());
  // Set the name of the banner if they aren't registered on the website
  if(empty($username)) {
    $user->setName($bannerName);
  }
  
  $pending = 0; // Default pending state is off
  
  // HARDCODED: 4 = member
  if($user->getAccessLevel() == 4) {
    $pending = 1;
  }
  
  // Validate IP
  if(!preg_match("/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/", $ipOfBanned)) {
    $ipOfBanned = null;
  }
  
  // Do not ban if it was an admin
  if(!$isUserMember) {
    if($length->getLength() > 0) {
      $lengthInSec = $length->getLengthInSeconds();
      $expireDate = time() + $lengthInSec; // Expire date

      // Add the new ban non-perma ban
      if($length->getTimeScale() == "minutes" || $length->getTimeScale() == "hours" || ($length->getTimeScale() == "days" && $length->getLength() == 1)) {
        // 1 day bans or shorter take affect immediately for all members
        $banId = $banQueries->addBan($steamId, $length->getLength(), $length->getTimeScale(), $expireDate, $reason, $user->getName(), 0, $nameOfBanned, $serverId, $ipOfBanned, $banner);
      } else {
        // bans longer than 1 day are put into pending mode if the user only has member level priveliges
        $banId = $banQueries->addBan($steamId, $length->getLength(), $length->getTimeScale(), $expireDate, $reason, $user->getName(), $pending, $nameOfBanned, $serverId, $ipOfBanned, $banner);
      }
    } else {
      // Add perma ban
      $banId = $banQueries->addBan($steamId, $length->getLength(), $length->getTimeScale(), time(), $reason, $user->getName(), $pending, $nameOfBanned, $serverId, $ipOfBanned, $banner);
    }
  }
  
  // Make sure $banId is valid and that the user wants emails sent
  if($banId > 0 && $config->sendEmails) {
    // Email
    $subject = "Ban Added In-Game by ".$user->getName();
    
    $body = "<html><body>";
    $body .= "The following ban has been added by ";
    if($member) {
      $body .= "a Member and MUST be reviewed.";
    } else {
      $body .= "an Admin.";
    }
    $body .= "\n\n";
    
    // Use this to build the URL link (replace processWebBanUpdate with updateBan)
    $url = "http://".$_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"];
    str_replace("processWebBanUpdate", "updateBan", "$url");
    
    $body .= "\n\n";
    $body .= "Click on the following link to review the newly added ban: <a href='".$url."&banId=".$banId."'>New Ban</a>";
    $body .= "<p>".$nameOfBanned." (".$steamId.") was banned from all servers.</p>";
    $body .= "</body></html>";
      
    $banManagerEmails = $config->banManagerEmails;
    for($i=0; $i<count($banManagerEmails); $i++) {
      
      // To send HTML mail, the Content-type header must be set
      $headers  = "MIME-Version: 1.0" . "\r\n";
      $headers .= "Content-type: text/html; charset=utf-8" . "\r\n";			
      // Additional headers
      $headers .= "From: ".$config->siteName." Ban Management <".$config->emailFromHeader.">" . "\r\n";
      
      // Send an email message to those that wish to recieve a notice of a newly added ban
      mail($banManagerEmails[$i], $subject, $body, $headers);
    }
  }
  echo $body;
} else {
  echo "Failed to add ban.";
}
?>
